package com.xtayfjpk.security.jaas.demo;

import java.security.AccessControlContext;
import java.security.PrivilegedAction;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;


public class App {
	
	public static void main(String[] args) throws Exception {
		System.setProperty("java.security.auth.login.config", "demo.config");
		System.setProperty("java.security.policy", "demo.policy");
		System.setSecurityManager(new SecurityManager());
		LoginContext context = null;
		try {
			context = new LoginContext("demo", new DemoCallbackHander());
			context.login();
		} catch (LoginException le) {
		    System.err.println("Cannot create LoginContext. " + le.getMessage());
		    System.exit(-1);
		} catch (SecurityException se) {
		    System.err.println("Cannot create LoginContext. " + se.getMessage());
		    System.exit(-1);
		}
		
		
		System.out.println("Authentication succeeded!");
		
		Subject subject = context.getSubject();
		/*Subject.doAsPrivileged(subject, new PrivilegedAction<Object>() {
			@Override
			public Object run() {
				// TODO Auto-generated method stub
				System.out.println(System.getProperty("java.home"));
				return null;
			}
		}, null);*/
		Subject.doAs(subject, new PrivilegedAction<Object>() {
			@Override
			public Object run() {
				// TODO Auto-generated method stub
				System.out.println(System.getProperty("java.home"));
				return null;
			}
		});
		
		
		AccessControlContext acc;
		
		
		/*URL url = new URL("file://D:\\work\\MyProject\\java-security\\demo.policy");
		PolicyFile policyFile = new PolicyFile(url);
		System.out.println(policyFile);
		System.out.println(App.class.getProtectionDomain().getPrincipals().length);
		//App.class.getProtectionDomain()
		
		ProtectionDomain domain = App.class.getProtectionDomain();
		ProtectionDomain domain2 = DemoPrincipal.class.getProtectionDomain();
		System.out.println(domain==domain2);
		
		
		Permission readPermission = new PropertyPermission("java.home", "read");
		PermissionCollection pc = policyFile.getPermissions(domain.getCodeSource());*/
		//System.out.println(pc);
		
		//System.out.println(policyFile.getPermissions(App.class.getProtectionDomain()));
		
		/*System.out.println(domain.getPrincipals().length);
		boolean imply = policyFile.implies(domain, readPermission);
		System.out.println(imply);
		imply = domain.implies(readPermission);
		System.out.println(imply);
	
		Method method = PolicyFile.class.getDeclaredMethod("getPermissions", Permissions.class, ProtectionDomain.class);
		method.setAccessible(true);
		PermissionCollection collection = (PermissionCollection) method.invoke(policyFile, new Permissions(), App.class.getProtectionDomain());
		System.out.println(collection);
		
		Method checkMethod = Policy.class.getDeclaredMethod("getPolicyNoCheck");
		checkMethod.setAccessible(true);
		Object obj = checkMethod.invoke(null);
		PolicyFile systemPolicy = (PolicyFile) obj;
		imply = systemPolicy.implies(domain, readPermission);
		System.out.println(imply);
		System.out.println(systemPolicy.getPermissions(domain).implies(readPermission));
		
		
		Field policyInfoField = PolicyFile.class.getDeclaredField("policyInfo");
		policyInfoField.setAccessible(true);
		obj = policyInfoField.get(systemPolicy);
		System.out.println(obj);
		AtomicReference policyInfoRef = (AtomicReference) obj;
		Object policyInfo = policyInfoRef.get();
		Method mappingMethod = policyInfo.getClass().getDeclaredMethod("getPdMapping");
		mappingMethod.setAccessible(true);
		JavaSecurityProtectionDomainAccess.ProtectionDomainCache cache = (ProtectionDomainCache) mappingMethod.invoke(policyInfo);
		System.out.println("---" + cache);
		cache.put(domain, null);
		imply = systemPolicy.implies(domain, readPermission);
		System.out.println(imply);*/
	}
	
	
}
